Google announces Project Zero to make Internet safer and secure

In a move to make Internet safer and secure, Google has announced Project Zero. The search giant is aiming to reduce the number of people harmed by targeted attacks with its new project and has appointed a “well-staffed team” to begin its work on bugs like Heartbleed as well as on “zero-day” vulnerabilities.

“Project Zero is our contribution, to start the ball rolling. Our objective is to significantly reduce the number of people harmed by targeted attacks,” says Google security engineer Chris Evans in a blog post. “We’re hiring the best practically-minded security researchers and contributing 100 percent of their time toward improving security across the Internet.”

When we say Internet, most of us start thinking of Google. This is the reason, the search giant tries to take an initiative to make the web access safer and secure from vulnerabilities and attacks.

“We’re not placing any particular bounds on this project and will work to improve the security of any software depended upon by large numbers of people, paying careful attention to the techniques, targets and motivations of attackers,” Evans added.

Google will use standard approaches such as locating and reporting large numbers of vulnerabilities as well as conduct new research into mitigations, exploitation and program analysis to find the root causes of vulnerabilities.

All the bugs discovered from the research under Project Zero will be listed under a public database. In addition, bugs will only be reported to the software vendors, without reaching third parties.

Google will make it open for the public to monitor vendor time-to-fix performance, see any discussion about exploitability, and view historical exploits and crash traces once a patch of the reported bug become available. “We also commit to sending bug reports to vendors in as close to real-time as possible, and to working with them to get fixes to users in a reasonable time,” Evans said.

To expand the community of the researchers for Project Zero, Google is set to provide benefits such as extensions of its popular reward initiatives and guest blog posts. This would attract a decent number of security researchers to make the project successful.

Project Zero seems like an initial step by Google on a way to take on all the attackers who use security holes to attack on the web. Using the skills of researchers, the project may put a hold on some vulnerabilities across the web world, whether it is accessed through mobile devices or via desktops.